Security is the Biggest Threat to Security

Mark - Sep. 24, 2006

The most obvious reason for such stupidity is that applications such as McAfee et al don't really know when the user has initiated something, when it's an application just doing regular, harmless, scheduled stuff, or whether it IS a potential virus/trojan/whatever trying to do dastardly stuff.

But I weep for the clueless person sitting in some office somewhere, always having to click that useless popup every time he/she wants to send an email.

Why can't everyone just switch to Mac? :) Seems to me, there's an ever-diminishing number of reasons to stick with Windows, these days.

Matthijs - Sep. 24, 2006

These popups have nothing to do with warning you or any other "functionality". They are there for only one reason: to keep people afraid. So people keep buying the software. It's very simple.

It's just like the american government and the anti-terror stuff. They want people to be afraid, so the people swollow all the "security measures".

You should try removing the anti-vir software. The software is only useful for when you already are infected. For when it's too late. To prevent you from getting a virus, you should follow Mark's advice (I did), or else be carefull in what you do. Don't open strange emails etc.

Matthijs - Sep. 25, 2006

Well ok then I understand it. I could also install basecamp/parallels and xp/vista on my mac but I haven't done yet, because it just feels wrong .. :) Don't want to have anything windows-ish on my mac. I'll keep my pc near when I have to use windows.

But to get back on topic: McAfee does indeed do very weird stuff. Often it even warns me that a program has been changed since I last used it, and asks if I want to allow that programm access to internet. You already guess which program that is: yes, one of the mcafee programs itself! (after an update or something).

On your story about the spam: have you ever tried using Thunderbird and didn't that work as well? The strange thing is, everybody complaints about spam, but in my case Thunderbird filters 99,6% of the spam. No false-positives whatsoever. 20-30 spam emails a day (ok, not too much), all end up in the junk folder automaticly. Am I just very lucky?

Jason - Sep. 25, 2006

There's nothing I hate more than a security application that comes preloaded with "trusted" software (read: Windows XP's firewall). What if I don't trust the program to trus the right companies (I certainly don't Microsoft to make that choice). Heck, I don't even want a program to trust itself unless I told it to. Give me the popup, give me the choice, but once I make the choice, go away and do what I told you...

The only way to keep yourself protected is to be knowledgeable. A computer is like a car, the more you know about how it runs when it is running properly, the better chance you have to detect when something is wrong - and fix it before the problem escalates.

Daniel - Oct. 16, 2006

As a former security researcher (10+ years of researching security bugs from 1995-2005) I can say i agree with most of what you say.

Modern security does get in the way, but there is a reason behind this. Lets take the insecure Microsoft Windows platform. It was never designed with security in mind, but with USABILITY. Look where we are at now:

- MS Windows is more insecure than any other software out there

- Outlook and IE have full kernel level access (why?)

- Most boxes are t00ted within 1 hour of being on the web.

All this came from usability, that rich user experience that every sucker and his dog wanted. So the crux came when users also wanted a more secure environment, which isn't easy if you have ever developed large scale applications or operating systems.

As for your comment about that Mac, i'm a staunch mac user but your comment is why Apple don't take our research seriously. Macs aren't as secure as you think they are, BELIEVE me!

Security should be about making the experience a more enjoyable one, but at some point there has to be some tradeoff with usability. Lets take your car, dont you find it SO annoying that you have to put a key in the door, then in the steering lock and then start the car? The reason for that is there needs to be multiple layers of security so some punk doesn't steal the bugger.

There will always be a constant battle to acheive a application which is secure and totally user friendly. Don't kid yourself into thinking OS X is more secure, because if you have experience in bug hunting, Apple are making 10 year old mistakes with a 2006 operating system billed as the next generation and are still doing so with Leopard (and yes, im a valid ADC member currently reviewing it)

Daniel - Oct. 16, 2006

Totally agree, but the popups generally are put in place as average users just don't get it.

It's 2006, there should be NO viruses for computers, but we have loads as users are click happy and have no damn clue about using their computers. I send a mail out with the attachment name "paris hiltons naked and dirty.jpg.pif" and someone is bound to click it.

Granted the program should silently deal with the issue, but this becomes a massive support headache. Want to know why Apple decided to ship a default build of OS X with the firewall disabled? Simple. it would cause the traffic for the support hotline to go through the roof.

Some warning is good. We have pushed for a system in both OS's that warn the user when some action is against the wishes of that user (typical footprints of malicious code), but it will always be shot down as no company wants to admit they have a insecure platform.

Leopard is no different, but im under strict NDA to shut the hell up about it, so i need to do just that.

Love your writing style tho, and the site design is sweet!

Jesper Rønn-Jensen - Oct. 17, 2006

Thomas. I think your points are brilliant. Security should not be an opposition to usability.

Actually, I discussed this briefly with Rolf Molich at UI11, where he had two presentations. We talked about how security usually gets in the way for usability, and that opens up for social engineering: Users writing complicated passwords elsewhere: On sticky-notes, unencrypted text documents, etc.

And that reminded me of Rolf's relevant article (in Danish) "Den gode, den onde og den skødesløse". Word format, can be downloaded from http://www.dialogdesign.dk/kronikkerogartikler.html

Percy - Oct. 20, 2006

The basic thing here is whether we need security from ourselves when we're using the computer or any other devices. Most applications seem to think that we do and that's why we have so many confirmation dialog boxes and mostly idiotic messages.

Part of this comes from lazy programming because it absolves the programmer who can say, I asked you and you confirmed it. It's easier to ask, 'Are you sure? Are you really really sure?' than it is to let the user do something and allow the user to recover from it, if he or she changes her mind.

It's almost like a pre-emptive strike, pre-crime if sci-fi is your thing.

Huygens - Mar. 25, 2007

A bit late to reply, but I wanted to reply to Daniel about a few points.

First, Microsoft did not build OS or other products with usability in mind until recently. But I agree that it is also only recently that they started to have security in mind. They always and still have $$ in mind. They find out late that their products were starting to be over complex to the casual user who had nothing to do with the enthusiast person of the first days. So they decided that they should improve the usability of their software before people starts turning to alt=ernatives. Then, security arrived, they had basically a similar problem, people and organisation would soon turn away from their products, so they had to take that into account too if they wanted to get more mighty $! Simple!

As for the security application and why they fail. Seeing that my father got infected twice while even paying for a commercial internet security product (which includes an anti-virus) I can say only one thing: security products are damn stupid. The last one he got was by simply looking for a digital compass under his favourite search engine, he clicked one of the first link proposed and was infected. He was using XP SP2 with Norton Internet Security and IE, all with latest updates. No warning, no nothing, just simply infected. And I had a difficult one full day to clean the complete computer x-( Using the pop-up warning (when it works) seems from a technical point of view a good replacement for the lack of intelligence in the security products: I mean instead of using CPU to verify a situation, the products ask the user brain.

Another example from a friend who had also Norton Internet Security and was proud to tell that people have been trying to hack into his computer but that Norton was each time blocking them (and informing him with nice pop-up). These information is of no use to a casual user especially when they are wrong, a simple connection attempt was triggering the warning! It is a good commercial way to scare people out so they don't want to deactivate the products (all those hacker might get control of your machine then!!) and keep on buying newer license.

One last thing about the firewall. Ubuntu does not have a firewall activated by default neither, and the network is pretty secure all the same by default, why? Because not even a single port is opened. What would bring a firewall then? Stealt=h maybe, but this is breaking standard network rules, so that many firewall still allow ICMP echo. Windows needs a firewall activated by default because it has many unsafe service running and opening network port, and for pre-SP2 release it was opening printer or folder sharing to the entire world also! No wonder why it was so unsafe... You can take a Mac or Linux or one of the BSD* and they were not doing such a mistake.

There is no holy grail for security, but the most of the current security products (including OS) are taking the wrong path about how to solve the problem. And from my point of view, Mac OS X, Linux and assimilates are not the holy grail but they are in the right direction for it :-)

Sylvain Rodrigue - Oct. 14, 2007

Excellent post !

I will add a link to it in my next post for my friends' sake. Thanks !

I load a lot of web pages from my intranet and even my own PC (pages that I wrote or save myself !), And this damn IE is always trying to say « Did you saw my last security advice ?? You have been severly threatened by this plain text page named : Google Advanced Search Help, you know ? Want my advice again ? Shure ? Because I want you to know that Windows is now a damn secure box ! So secure that nobody can event look at it without receiving a bucket full of warnings on their mouth !".

I really hate that. My computer contains nothing of value - my data (picture, old love letters, current C# work) are unusable by anyone and are backuped everyweek other day on an off-line USB Drive (and of course, I didn't wrote down my credit number in a text file sitting on the desktop ! Morover, I could have done that without any problem : Visa is responsible for anything bought with my card on the internet without my consent !).

Worst : my comporate network is so secure, we (developers) cannot send any script, .reg files (even zipped or rared) to any coworker... We have to rename it, scrambled it, zip it with a password, etc. Of, course, we're not admin : we cannot install anything or change the wallpaper, or even resize or move the task bar !

Hey, I'm in computer science since 1989. I used to work for smalls and larges corporations and none (none !) of them ever had a serious problem regarding security. No viruses, worms, root kit, nothing.

I download a lot of demo products from a lot of web site (including small games that I never read about before) and the only threat I ever had to faced was web site trackers.

Your title= really give the big picture. Love that post. I have added it to my best internet reading of the year :o)

Thanks,

Sylvain Rodrigue, Paris.